CN117579428A - Method and device for interconnection and interworking of cloud network cross-technology stacks - Google Patents
Method and device for interconnection and interworking of cloud network cross-technology stacks Download PDFInfo
- Publication number
- CN117579428A CN117579428A CN202311512620.9A CN202311512620A CN117579428A CN 117579428 A CN117579428 A CN 117579428A CN 202311512620 A CN202311512620 A CN 202311512620A CN 117579428 A CN117579428 A CN 117579428A
- Authority
- CN
- China
- Prior art keywords
- message
- vpc
- idc
- service data
- sent
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 53
- 238000005516 engineering process Methods 0.000 title claims abstract description 34
- 238000005538 encapsulation Methods 0.000 claims abstract description 18
- 238000012544 monitoring process Methods 0.000 claims description 31
- 238000004590 computer program Methods 0.000 claims description 27
- 238000003860 storage Methods 0.000 claims description 7
- 230000005641 tunneling Effects 0.000 claims 2
- 206010047289 Ventricular extrasystoles Diseases 0.000 description 69
- 238000005129 volume perturbation calorimetry Methods 0.000 description 67
- 230000008569 process Effects 0.000 description 18
- 238000010586 diagram Methods 0.000 description 11
- 230000006870 function Effects 0.000 description 11
- 238000002955 isolation Methods 0.000 description 7
- 238000012545 processing Methods 0.000 description 7
- 238000007726 management method Methods 0.000 description 6
- 238000013461 design Methods 0.000 description 5
- 238000012423 maintenance Methods 0.000 description 4
- 238000013508 migration Methods 0.000 description 4
- 230000005012 migration Effects 0.000 description 4
- 238000011084 recovery Methods 0.000 description 4
- 230000006978 adaptation Effects 0.000 description 2
- 238000006243 chemical reaction Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000002776 aggregation Effects 0.000 description 1
- 238000004220 aggregation Methods 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
- 230000000630 rising effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/745—Address table lookup; Address filtering
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Abstract
The invention discloses a method and a device for interconnection and interworking of cloud networks across technology stacks, which can be used in the field of financial science and technology, wherein the method comprises the following steps: receiving a data packet and identifying the message type of the data packet; the message type is a service data message of which the VPC sends to the IDC, the service data message of which the VPC is successfully compared and which sends to the IDC is unpacked, and the unpacked message is forwarded; the method comprises the steps of carrying out tunnel encapsulation on a service data message with the message type of IDC sent to VPC according to a destination address in the service data message with the IDC sent to VPC, and forwarding the message after tunnel encapsulation; when the message type is a control type message, marking metadata in the control type message, and sending the marked metadata to the CPU. The invention can meet the requirement of stable low time delay and reduce the overall complexity of the system.
Description
Technical Field
The invention relates to the field of financial science and technology, in particular to a method and a device for interconnection and interworking of cloud networks across technical stacks.
Background
This section is intended to provide a background or context for embodiments of the invention. The description herein is not admitted to be prior art by inclusion in this section.
Currently, various business systems are deployed and migrated to a cloud environment by various enterprises. In the deployment and migration processes, the conditions that a newly built public cloud environment and an existing private cloud environment coexist, a plurality of sets of cloud environments with different technical stacks coexist, a plurality of sets of technical stacks are the same, and management control system versions are different in cloud environments coexist exist. In addition, these conditions will exist for a long time under regulatory requirements or high availability, traffic isolation, etc. On the premise that all cloud management systems are mutually independent, cloud network interconnection and interworking of all technical stacks in the deployment and migration processes become bottlenecks.
In the traditional mode, in order to realize interconnection of cloud networks of all technical stacks, a special line of each technical stack is needed to be relied on to access a cloud product, the cloud network is connected with a regional local area network and a core network of an enterprise, and corresponding configuration is carried out to realize that two technical stack cloud network routes are reachable, so that no solution for the problem exists in the prior art.
Disclosure of Invention
The embodiment of the invention provides a method for interconnection and interworking of cloud network cross-technology stacks, which is used for meeting the requirement of stable low time delay and reducing the overall complexity of a system, and comprises the following steps:
receiving a data packet, and identifying the message type of the data packet, wherein the message type comprises a control message, a service data message sent to an internet data center IDC by a virtual private network VPC, or a service data message sent to the VPC by the IDC;
inquiring first routing information from a preset routing table according to tunnel ID and session information in the service data message of which the message type is VPC and sent to IDC, comparing the first routing information with the preset routing information, decapsulating the service data message of which the comparison is successful and sending the decapsulated message to forwarding the decapsulated message;
inquiring second routing information from a preset routing table according to a destination address in the service data message with the message type of IDC sent to VPC, comparing the second routing information with the preset routing information, carrying out tunnel encapsulation on the service data message with the successfully compared IDC sent to VPC, and forwarding the tunnel encapsulated message;
when the message type is a control type message, marking metadata in the control type message, and sending the marked metadata to the CPU.
The embodiment of the invention also provides a cloud network cross-technology stack interconnection device, which is used for meeting the requirement of stable low time delay and reducing the overall complexity of the system, and comprises the following components:
the data receiving module is used for receiving the data packet and identifying the message type of the data packet, wherein the message type comprises a control message, a service data message sent to an internet data center IDC by a virtual private network VPC or a service data message sent to the VPC by the IDC;
the de-encapsulation module is used for de-encapsulating the service data message with the message type of VPC sent to IDC, inquiring first route information from a preset route table according to tunnel ID and session information in the service data message with the VPC sent to IDC, comparing the first route information with the preset route information, de-encapsulating the service data message with the successfully compared VPC sent to IDC, and forwarding the de-encapsulated message;
the encapsulation module is used for inquiring second routing information from a preset routing table according to a destination address in the service data message with the message type of IDC sent to the VPC, comparing the second routing information with the preset routing information, carrying out tunnel encapsulation on the service data message with the message type of IDC sent to the VPC, and forwarding the tunnel-encapsulated message;
and the marking module is used for marking the metadata in the control type message when the message type is the control type message and sending the marked metadata to the CPU.
The embodiment of the invention also provides computer equipment, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the method for realizing the interconnection and intercommunication of the cloud network crossing technology stacks is realized when the processor executes the computer program.
The embodiment of the invention also provides a computer readable storage medium which stores a computer program, and the computer program realizes the method for interconnection and interworking of the cloud network crossing technology stacks when being executed by a processor.
The embodiment of the invention also provides a computer program product, which comprises a computer program, and the computer program realizes the method for interconnection and intercommunication of the cloud network crossing technology stacks when being executed by a processor.
In the embodiment of the invention, a data packet is received, the message type of the data packet is identified, and the message type comprises a control message, a service data message sent to an internet data center IDC by a virtual private network VPC, or a service data message sent to the VPC by the IDC; inquiring first routing information from a preset routing table according to tunnel ID and session information in the service data message of which the message type is VPC and sent to IDC, comparing the first routing information with the preset routing information, decapsulating the service data message of which the comparison is successful and sending the decapsulated message to forwarding the decapsulated message; inquiring second routing information from a preset routing table according to a destination address in the service data message with the message type of IDC sent to VPC, comparing the second routing information with the preset routing information, carrying out tunnel encapsulation on the service data message with the successfully compared IDC sent to VPC, and forwarding the tunnel encapsulated message; when the message type is a control type message, marking metadata in the control type message, and sending the marked metadata to the CPU. Thus, the high throughput capacity of the special programmable switching chip can meet the network throughput capacity of Tbps level only by a small amount of equipment carrying the chip, and meanwhile, the special network chip can meet the requirement of stable low time delay under any load condition. On the control plane, the agent components on the original gateway server are multiplexed by utilizing the matched CPU and operating system of the programmable switching chip, so that the complexity of the whole system is reduced.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art. In the drawings:
fig. 1 is a flowchart of a method for interconnection and interworking of cloud networks across technology stacks provided in an embodiment of the present invention;
FIG. 2 is an exemplary diagram of a data plane physical network architecture provided in an embodiment of the present invention;
FIG. 3 is a schematic diagram of a cluster and network scheme provided in an embodiment of the present invention;
fig. 4 is a schematic diagram of a device for interconnection and interworking of cloud networks across technology stacks provided in an embodiment of the present invention;
fig. 5 is a block diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the embodiments of the present invention will be described in further detail with reference to the accompanying drawings. The exemplary embodiments of the present invention and their descriptions herein are for the purpose of explaining the present invention, but are not to be construed as limiting the invention.
The term "and/or" is used herein to describe only one relationship, meaning that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist together, and B exists alone. In addition, the term "at least one" herein means any one of a plurality or any combination of at least two of a plurality, for example, including at least one of A, B, C, and may mean including any one or more elements selected from the group consisting of A, B and C.
In the description of the present specification, the terms "comprising," "including," "having," "containing," and the like are open-ended terms, meaning including, but not limited to. Reference to the terms "one embodiment," "a particular embodiment," "some embodiments," "for example," etc., means that a particular feature, structure, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present application. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. The sequence of steps involved in the embodiments is used to schematically illustrate the practice of the present application, and is not limited thereto and may be appropriately adjusted as desired.
First, terms of art in the embodiments of the present application will be explained:
VPC: a virtual private network (Virtual Private Cloud), an isolated network-on-cloud space.
DC: dedicated access (Direct Connect) is a cloud service that provides a fast and reliable connection between a user data center and resources on the cloud.
IDC: the internet data center (Internet Data Center) is a perfect application service platform with perfect equipment (high-speed internet access, high-performance local area network, safe and reliable machine room environment), specialized management.
Overlay network: logical network on cloud: refers to one or more logical networks constructed on a physical network through a network virtualization technology on the cloud.
Underway network: carrying physical network: the physical network is actually composed of an exchanger, a router, a physical server and other entity devices and carries an Overlay logical network.
NFV: network function virtualization (Network Function Virtualization), utilizing network virtualization technology, the functions of each network node are implemented in the form of software.
API: an application program interface (Application Program Interface), an interactive interface of application program functions, definitions or protocols.
PoP point: a Point-of-Presence (Point-of-Presence) accesses an entry Point of an enterprise network.
PE: operator Edge router (Provider Edge), backbone Edge device.
VRF: virtual route forwarding (Virtual Routing Forwarding) is a technique for implementing traffic isolation by running multiple routing tables on a single routing switch.
SDN: a software defined network (Software Defined Network), a network management method supports dynamically programmable network configuration.
P4 (Programming Protocol-Independent Packet Processors), a high level programming language, is specifically used to configure the data plane forwarding and processing logic of the switch.
In recent years, more and more enterprises have chosen a self-built enterprise-level cloud environment as the IT infrastructure for application deployment. In the process of gradually migrating application services to the cloud, coexistence of existing data center infrastructure, private cloud and newly-built enterprise-level public cloud is likely to occur, and meanwhile, the state of the mixed cloud is still required to be maintained continuously or even for a long time due to actual requirements of enterprises such as supervision, data security and the like. In order to meet the high throughput, low latency and high availability performance of the local area network between the technical stacks, a great challenge is brought to the existing cloud network gateway architecture based on the server NFV technology.
At present, the mainstream solution is that through the way that a DC product on each technical stack cloud is used as an Overlay network of a cloud environment and an outside-cloud Overlay network, cloud environments among different regions and different technical stacks are accessed to an enterprise-level core network through DC, and corresponding routes are configured on the core network, the interconnection and the intercommunication of the above-cloud Overlay network can be realized, and the VPC is distinguished in a mode of logical isolation on the cloud and physical isolation under the cloud.
In the data forwarding plane, the current mainstream solution is to deploy a data forwarding gateway application on a physical server through an NFV technology, and simultaneously cooperate with a three-layer border switch l2vpn technology. And the outer layer tunnel encapsulation, decapsulation and protocol conversion of the private line traffic on the cloud are realized. Meanwhile, based on virtual routing protocol application and equivalent routing strategy deployed on the servers, a plurality of physical servers form a gateway cluster, so that the high availability is ensured while the transverse capacity expansion is realized. However, the current mainstream server network cards are 10G, 25G, and 100G specifications, and it is difficult to satisfy both throughput and packet transmission/reception amount at the time of line speed transfer even when using a technology such as DPDK. Meanwhile, the data packet forwarding process involves data interaction among the network card, the memory and the CPU, and the data packet processing and forwarding delay is high and unstable under high network load.
In a control plane, when a plurality of devices are used, a component is often required to be independently developed and deployed to adapt to the system interfaces of all manufacturers, so that development workload is increased and complexity of a cloud network control system is increased.
At present, interconnection and interworking among a plurality of cloud technology stacks still depend on special line access or similar cloud network products for carrying data plane traffic by a server gateway cluster realized based on an NFV technology. The product is internally provided with a gateway cluster, a boundary switch, a switch controller and other components to complete the automatic arrangement and the issuing of the bearing of the multi-stack interconnection and interworking flow of the data plane and the multi-stack interconnection and interworking configuration of the control plane.
From the data plane, the data forwarding application deployed in the physical server cluster and the three-layer private line access switch deployed at the physical network boundary of each technical stack bear the interconnection and interworking traffic among multiple stacks. The data forwarding application in the physical server has high-efficiency network message data forwarding efficiency through technical means such as DPDK, and can meet the line speed level of the 10G/100G network card of the general server in forwarding efficiency while realizing network protocol conversion and multi-VPC logic isolation on the cloud functionally. From the control plane, the gateway server in the cluster automatically acquires the VPC route on the cloud and the IDC route configuration outside the cloud from the platform centralized configuration management center through the deployment agent, the boundary private line access switch deploys the controller on the cloud, and the controller generates a switch configuration command through netconf and other methods to finish configuration issuing.
Through the above logical analysis of the data plane and the control plane, it is easy to see that in the data plane, the network capacity that the gateway cluster can provide is determined by the number of gateway servers and the specifications of the server network cards. In the application scenario of the hybrid cloud, a large number of physical servers are often required to be input to transversely expand the gateway cluster in order to meet the requirement of high network bandwidth in the local area network. On the other hand, the data forwarding application deployed in the physical server relates to a large amount of data interaction among the CPU, the memory and the network card, and the forwarding time delay of the data forwarding application becomes larger and unstable along with the rising of the data forwarding amount. In the control plane, the agent component in the gateway server is a cloud native component, and the update is automatically acquired by monitoring a cloud base public configuration library. The border switch then needs to rely on additional controller components to issue the configuration via control protocols such as netconf. In addition, because netconf commands of all switch manufacturers are inconsistent, the controller needs to adapt grammar and semantics to the configuration of different manufacturers, and the complexity of the system is increased.
Based on this, the embodiment of the invention provides a method for interconnection and interworking of cloud network cross-technology stacks, as shown in fig. 1, including:
step 101: receiving a data packet, and identifying the message type of the data packet, wherein the message type comprises a control message, a service data message sent to an internet data center IDC by a virtual private network VPC, or a service data message sent to the VPC by the IDC;
step 102: inquiring first routing information from a preset routing table according to tunnel ID and session information in the service data message of which the message type is VPC and sent to IDC, comparing the first routing information with the preset routing information, decapsulating the service data message of which the comparison is successful and sending the decapsulated message to forwarding the decapsulated message;
step 103: inquiring second routing information from a preset routing table according to a destination address in the service data message with the message type of IDC sent to VPC, comparing the second routing information with the preset routing information, carrying out tunnel encapsulation on the service data message with the successfully compared IDC sent to VPC, and forwarding the tunnel encapsulated message;
step 104: when the message type is a control type message, marking metadata in the control type message, and sending the marked metadata to the CPU.
According to the cloud network cross-technology stack interconnection method provided by the embodiment of the invention, the high throughput capacity of the special programmable switching chip is utilized, the network throughput capacity of Tbps level can be met only by a small amount of equipment carrying the chip, and meanwhile, the special network chip can meet the requirement of stable low time delay under any load condition. On the control plane, the agent components on the original gateway server are multiplexed by utilizing the matched CPU and operating system of the programmable switching chip, so that the complexity of the whole system is reduced.
In specific implementation, the overall network scheme of the data plane proposed in the embodiment of the present application is shown in fig. 2. The switch system based on the programmable switch chip (hereinafter referred to as a programmable switch) is used as a boundary between the Overlay network and the Underlay network to access the core switch of the region, and has the main functions of unpacking the tunnel messages isolated from each other on the cloud and transmitting the tunnel messages to the Underlay network, and simultaneously, publishing the VPC address on the cloud outwards in a dynamic routing mode. In the other direction, the non-tunnel message with the destination address being VPC on the cloud is identified and packaged into the corresponding tunnel. Because the inner layer message is transmitted on the external cloud IDC and the enterprise core network, the VPC address for multi-stack interconnection by using the scheme needs to be planned uniformly by the enterprise IT department in advance.
The routing scheme provided in the embodiment of the present application is shown in fig. 3, where multiple programmable switches provide services externally in a multi-active cluster manner. Physically, the regional core switch is accessed by a full mesh mode. On the route, for VPC on the cloud, each programmable switch in the cluster issues the same virtual address through EBGP, and the computing resource on the cloud takes the address as the next-hop address of the outer layer for accessing other technical stack addresses. For other technical stacks, after a new VPC is obtained and a route for accessing other technical stacks is added, each programmable switch in the cluster can automatically obtain an address segment of the VPC and issue the address segment to a regional core switch through the same BGP AS. Traffic of other technology stacks accessing the VPC will be automatically routed to the cluster.
In an embodiment, the programmable switch chip data message processing logic provided in the embodiments of the present application mainly classifies the messages processed by the programmable switch chip into three types:
a) The cloud VPC cross-technology stack sends service data messages to the IDC, wherein the messages are differentiated VPCs, after tunnel encapsulation, the programmable switching chip is required to look up a table according to tunnel ID and inner layer session information, only the service data packets which are added with the routed VPCs and hit an ACL white list can be forwarded, the forwarding process can decapsulate the tunnel messages, and the inner layer messages are sent;
b) The IDC cross-technology stack sends service data messages of VPCs on the cloud, the messages are not packaged by tunnels, VPC network segments released by the clusters are routed to a programmable switch, a programmable switch chip looks up a table according to destination addresses of data packets to obtain tunnel IDs of the VPCs, only the service messages added with the routed VPCs and hitting ACL white lists can be forwarded, the forwarding process can package the messages in tunnels, an outer source address is a gateway cluster VIP, and a destination address is a VIP address of a host or other gateway clusters corresponding to the destination in a routing table;
c) Control messages, generally including network protocol messages, such as two-layer ARP messages, ICMP messages for detecting port addresses and VIP addresses, control messages related to routing protocols, such as BGP, OSPF, BFD, need to be processed by a CPU, so that after receiving a message, the control messages mark the data of the message Wen Yuan and finally send the message to the CPU.
In an embodiment, decapsulating the service data message sent from the successfully aligned VPC to the IDC, and forwarding the decapsulated message includes:
de-encapsulating the successfully compared service data message sent by the VPC to the IDC, and transparently transmitting the de-encapsulated service data message with the type of the service data message sent by the VPC to the IDC;
and adopting a dynamic routing mode to release the VPC address in the service data message of which the type is VPC-to-IDC after the unpacking.
In an embodiment, the tunnel encapsulation is performed on the service data message sent to the VPC by the IDC that is successfully compared, and before forwarding the tunnel encapsulated message, the method further includes:
the VPC addresses of the multi-stack interconnect are uniformly planned.
In an embodiment, further comprising:
installing a preset chip driver in an operating system, and loading a data processing program in the chip driver to a programmable switching chip;
adding route configuration information through an interface of a programmable switching chip;
and dynamically updating a preset routing table according to the routing configuration information.
In an embodiment, further comprising:
reading monitoring information according to an interface of the programmable switching chip, wherein the monitoring information is operation data of a corresponding interface of the programmable switching chip;
and reporting the monitoring information of the corresponding interface when the monitoring information reaches the early warning standard.
In specific implementation, the control plane scheme provided in the embodiment of the present application mainly includes:
the function of the chip control process comprises that a chip driver is installed in an operating system kernel when a program is started, a data plane forwarding logic program is loaded to a programmable switching chip, routing configuration is added through a driver API, custom information such as monitoring is read, and meanwhile, a service is started in the operating system for other processes to call.
The routing agent process acquires configuration information such as routing, ACL (access control list) of the cluster by monitoring a configuration unified management platform provided by the cloud platform, and dynamically updates the table items in the programmable exchange chip by calling an interface of a chip control program.
The process of monitoring monitor obtains the current service monitoring statistics such as port utilization rate, time delay, packet loss statistics and the like by calling an interface of a chip control program, and reports the service monitoring statistics to a unified service monitoring alarm platform provided by the cloud platform.
The routing protocol program is mainly a series of processes for completing the control of the routing protocol of the underway network, and BFD session maintenance, BGP neighbor maintenance, route release and the like are completed through the processes. All protocol control messages are transmitted and received through a kernel protocol stack and a matched chip driver.
The process of 'monitoring agent' mainly completes the collection of operation system and hardware related operation and maintenance monitoring information, and reports to a unified operation and maintenance monitoring alarm platform provided by the cloud platform.
The daemon process mainly completes real-time monitoring of the key processes, and restarts the processes in time when the program exits abnormally or is dead, so that the high availability of the system is improved.
In specific implementation, the high-availability design of the method for interconnection and interworking of cloud network cross-technology stacks provided in the embodiment of the application is as follows:
a) Port level high availability design: each programmable switch and the regional core switch are connected and networked in a full mesh mode, ports are connected in a direct connection and non-aggregation mode, a routing protocol is issued in a BGP mode, and each port forms an equivalent route at a routing layer. When a single port and a line between ports have faults, port isolation can be completed through BGP protocol, and BFD protocol is used to accelerate BGP monitoring time, so that fault recovery time can reach millisecond level;
b) Device level high availability design: each gateway cluster consists of a plurality of programmable switches, BGP AS of each switch keeps consistent, and each device forms an equivalent route at a route layer. And ensuring the rule consistency of each device by configuring a unified management platform. Referring to the recovery time of the port level fault, so that the automatic recovery time of the whole fault of the equipment reaches a millisecond level;
c) Cluster-level high availability design: each cloud network technology stack has the capability of multiple gateway clusters, so that different VPCs can use the capability of different gateway clusters, the capability of VPCs for migration among different gateways is supported, fault cluster isolation can be realized through the VPC instance batch migration function on the clusters for fault clusters, and the service on the cloud can be quickly recovered; the method can also recover to the private line access gateway cluster by retaining the original private line access mode and modifying the VPC sub-network routing table so as to recover the cross-stack interconnection mode to the private line access gateway cluster by modifying the VPC sub-network routing table so as to realize the fault recovery of the heterogeneous method.
The programmable switch chip related in the embodiment of the application does not refer to a specific model of chip, and the designed switch equipment does not refer to a specific manufacturer. Thus in order to be compatible with devices of different chips, devices of the same chip but of different vendors. The method mainly uses an operating system kernel protocol stack, a virtual network card and a physical network card of a CPU part in the aspects of routing agent, monitor and routing protocol program, so that only an operating system needs to be adapted. In the chip control process, a standard and unified RPC interface is provided for the routing agent and the monitoring monitor on one hand, and on the other hand, the special definition design of the same chip by adapting the chip and different manufacturers is needed.
In addition, the data forwarding program inside the chip is generally developed, designed and compiled by adopting the P4 language, and a compiling tool of the P4 language is generally provided for different chips. Therefore, the program of the part has no adaptation difficulty, and the adaptation can be completed only by recompilation by using the same code and a corresponding compiling tool.
The embodiment of the invention also provides a cloud network cross-technology stack interconnection and interworking device, which is described in the following embodiment. Because the principle of the device for solving the problem is similar to that of the cloud network cross-technology stack interconnection and intercommunication method, the implementation of the device can be referred to the implementation of the method, and the repetition is omitted.
Fig. 4 is a schematic diagram of a cloud network cross-technology stack interconnection and interworking device provided in an embodiment of the present invention, where, as shown in fig. 4, the device includes:
the data receiving module 401 is configured to receive a data packet, and identify a packet type of the data packet, where the packet type includes a control packet, a service data packet sent by the VPC to the internet data center IDC, or a service data packet sent by the IDC to the VPC;
the decapsulation module 402 is configured to decapsulate a service data packet with a packet type of VPC sent to IDC, query first routing information from a preset routing table according to tunnel ID and session information in the service data packet with the packet type of VPC sent to IDC, compare the first routing information with the preset routing information, decapsulate the service data packet with a successfully compared VPC sent to IDC, and forward the decapsulated packet;
the encapsulation module 403 is configured to query the second routing information from the preset routing table according to the destination address in the service data packet with the packet type IDC sent to the VPC, compare the second routing information with the preset routing information, perform tunnel encapsulation on the service data packet with the packet type IDC sent to the VPC, and forward the tunnel-encapsulated packet;
and the marking module 404 is configured to mark metadata in the control class message when the message type is the control class message, and send the marked metadata to the CPU.
In one embodiment, the decapsulation module 402 is specifically configured to:
de-encapsulating the successfully compared service data message sent by the VPC to the IDC, and transparently transmitting the de-encapsulated service data message with the type of the service data message sent by the VPC to the IDC;
and adopting a dynamic routing mode to release the VPC address in the service data message of which the type is VPC-to-IDC after the unpacking.
In an embodiment, the system further includes a planning module, specifically configured to:
the VPC addresses of the multi-stack interconnect are uniformly planned.
In an embodiment, the device further comprises a configuration module, specifically configured to:
installing a preset chip driver in an operating system, and loading a data processing program in the chip driver to a programmable switching chip;
adding route configuration information through an interface of a programmable switching chip;
and dynamically updating a preset routing table according to the routing configuration information.
In an embodiment, the system further comprises a monitoring module, specifically configured to:
reading monitoring information according to an interface of the programmable switching chip, wherein the monitoring information is operation data of a corresponding interface of the programmable switching chip;
and reporting the monitoring information of the corresponding interface when the monitoring information reaches the early warning standard.
Based on the foregoing inventive concept, as shown in fig. 5, the present invention further proposes a computer device 500, including a memory 510, a processor 520, and a computer program 530 stored in the memory 510 and capable of running on the processor 520, where the method for implementing the interconnection and interworking of the cloud network across the technical stacks is implemented when the processor 520 executes the computer program 530.
The embodiment of the invention also provides a computer readable storage medium which stores a computer program, and the computer program realizes the method for interconnection and interworking of the cloud network crossing technology stacks when being executed by a processor.
The embodiment of the invention also provides a computer program product, which comprises a computer program, and the computer program realizes the method for interconnection and intercommunication of the cloud network crossing technology stacks when being executed by a processor.
To sum up, in the embodiment of the present invention, a data packet is received, and a packet type of the data packet is identified, where the packet type includes a control class packet, a service data packet sent by a virtual private network VPC to an internet data center IDC, or a service data packet sent by IDC to the VPC; inquiring first routing information from a preset routing table according to tunnel ID and session information in the service data message of which the message type is VPC and sent to IDC, comparing the first routing information with the preset routing information, decapsulating the service data message of which the comparison is successful and sending the decapsulated message to forwarding the decapsulated message; inquiring second routing information from a preset routing table according to a destination address in the service data message with the message type of IDC sent to VPC, comparing the second routing information with the preset routing information, carrying out tunnel encapsulation on the service data message with the successfully compared IDC sent to VPC, and forwarding the tunnel encapsulated message; when the message type is a control type message, marking metadata in the control type message, and sending the marked metadata to the CPU. Thus, the high throughput capacity of the special programmable switching chip can meet the network throughput capacity of Tbps level only by a small amount of equipment carrying the chip, and meanwhile, the special network chip can meet the requirement of stable low time delay under any load condition. On the control plane, the agent components on the original gateway server are multiplexed by utilizing the matched CPU and operating system of the programmable switching chip, so that the complexity of the whole system is reduced.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing description of the embodiments has been provided for the purpose of illustrating the general principles of the invention, and is not meant to limit the scope of the invention, but to limit the invention to the particular embodiments, and any modifications, equivalents, improvements, etc. that fall within the spirit and principles of the invention are intended to be included within the scope of the invention.
Claims (13)
1. The method for interconnection and intercommunication of the cloud network cross-technology stack is characterized by comprising the following steps:
receiving a data packet, and identifying the message type of the data packet, wherein the message type comprises a control message, a service data message sent to an internet data center IDC by a virtual private network VPC, or a service data message sent to the VPC by the IDC;
inquiring first routing information from a preset routing table according to tunnel ID and session information in the service data message of which the message type is VPC and sent to IDC, comparing the first routing information with the preset routing information, decapsulating the service data message of which the comparison is successful and sending the decapsulated message to forwarding the decapsulated message;
inquiring second routing information from a preset routing table according to a destination address in the service data message with the message type of IDC sent to VPC, comparing the second routing information with the preset routing information, carrying out tunnel encapsulation on the service data message with the successfully compared IDC sent to VPC, and forwarding the tunnel encapsulated message;
when the message type is a control type message, marking metadata in the control type message, and sending the marked metadata to the CPU.
2. The method of claim 1, wherein decapsulating the successfully aligned VPC-sent service data message to IDC, and forwarding the decapsulated message comprises:
de-encapsulating the successfully compared service data message sent by the VPC to the IDC, and transparently transmitting the de-encapsulated service data message with the type of the service data message sent by the VPC to the IDC;
and adopting a dynamic routing mode to release the VPC address in the service data message of which the type is VPC-to-IDC after the unpacking.
3. The method of claim 1, wherein tunneling the successfully aligned IDC traffic data message to the VPC, and before forwarding the tunneling the encapsulated message, further comprising:
the VPC addresses of the multi-stack interconnect are uniformly planned.
4. The method as recited in claim 1, further comprising:
installing a preset chip driver in an operating system, and loading a data processing program in the chip driver to a programmable switching chip;
adding route configuration information through an interface of a programmable switching chip;
and dynamically updating a preset routing table according to the routing configuration information.
5. The method as recited in claim 4, further comprising:
reading monitoring information according to an interface of the programmable switching chip, wherein the monitoring information is operation data of a corresponding interface of the programmable switching chip;
and reporting the monitoring information of the corresponding interface when the monitoring information reaches the early warning standard.
6. The device for interconnection and intercommunication of the cloud network cross-technology stack is characterized by comprising:
the data receiving module is used for receiving the data packet and identifying the message type of the data packet, wherein the message type comprises a control message, a service data message sent to an internet data center IDC by a virtual private network VPC or a service data message sent to the VPC by the IDC;
the de-encapsulation module is used for de-encapsulating the service data message with the message type of VPC sent to IDC, inquiring first route information from a preset route table according to tunnel ID and session information in the service data message with the VPC sent to IDC, comparing the first route information with the preset route information, de-encapsulating the service data message with the successfully compared VPC sent to IDC, and forwarding the de-encapsulated message;
the encapsulation module is used for inquiring second routing information from a preset routing table according to a destination address in the service data message with the message type of IDC sent to the VPC, comparing the second routing information with the preset routing information, carrying out tunnel encapsulation on the service data message with the message type of IDC sent to the VPC, and forwarding the tunnel-encapsulated message;
and the marking module is used for marking the metadata in the control type message when the message type is the control type message and sending the marked metadata to the CPU.
7. The apparatus of claim 6, wherein the decapsulation module is specifically configured to:
de-encapsulating the successfully compared service data message sent by the VPC to the IDC, and transparently transmitting the de-encapsulated service data message with the type of the service data message sent by the VPC to the IDC;
and adopting a dynamic routing mode to release the VPC address in the service data message of which the type is VPC-to-IDC after the unpacking.
8. The apparatus of claim 6, further comprising a planning module, in particular for:
the VPC addresses of the multi-stack interconnect are uniformly planned.
9. The apparatus of claim 6, further comprising a configuration module, in particular for:
installing a preset chip driver in an operating system, and loading a data processing program in the chip driver to a programmable switching chip;
adding route configuration information through an interface of a programmable switching chip;
and dynamically updating a preset routing table according to the routing configuration information.
10. The apparatus of claim 9, further comprising a monitoring module, in particular for:
reading monitoring information according to an interface of the programmable switching chip, wherein the monitoring information is operation data of a corresponding interface of the programmable switching chip;
and reporting the monitoring information of the corresponding interface when the monitoring information reaches the early warning standard.
11. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method of any of claims 1 to 5 when executing the computer program.
12. A computer readable storage medium, characterized in that the computer readable storage medium stores a computer program which, when executed by a processor, implements the method of any of claims 1 to 5.
13. A computer program product, characterized in that the computer program product comprises a computer program which, when executed by a processor, implements the method of any of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311512620.9A CN117579428A (en) | 2023-11-14 | 2023-11-14 | Method and device for interconnection and interworking of cloud network cross-technology stacks |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311512620.9A CN117579428A (en) | 2023-11-14 | 2023-11-14 | Method and device for interconnection and interworking of cloud network cross-technology stacks |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117579428A true CN117579428A (en) | 2024-02-20 |
Family
ID=89894694
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311512620.9A Pending CN117579428A (en) | 2023-11-14 | 2023-11-14 | Method and device for interconnection and interworking of cloud network cross-technology stacks |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117579428A (en) |
-
2023
- 2023-11-14 CN CN202311512620.9A patent/CN117579428A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107646185B (en) | Method, system and storage medium for operation maintenance management in an overlay environment | |
| CN102209024B (en) | The moving method of virtual machine and system | |
| CN111736958B (en) | Virtual machine migration method, system, computer equipment and storage medium | |
| CN111865779B (en) | Route synchronization method and cross-device link aggregation group | |
| CN109714238B (en) | Method and equipment for realizing communication between virtual machines | |
| EP3197107B1 (en) | Message transmission method and apparatus | |
| CN109716717A (en) | From software-defined network controller management virtual port channel switching equipment peer-to-peer | |
| CN111510378A (en) | EVPN message processing method, device and system | |
| CN111064649B (en) | Method and device for realizing binding of layered ports, control equipment and storage medium | |
| CN113746717B (en) | Network equipment communication method and network equipment communication device | |
| CN116319529A (en) | Auxiliary replication in software defined networks | |
| WO2023165137A1 (en) | Cross-cluster network communication system and method | |
| CN108574613B (en) | Two-layer intercommunication method and device for SDN data center | |
| CN113992582B (en) | Message forwarding method and device | |
| CN103631652A (en) | Method and system for achieving virtual machine migration | |
| CN114143258B (en) | Service agent method based on Open vSwitch under Kubernetes environment | |
| CN115174468A (en) | Route synchronization method, cross-device link aggregation group, electronic device and medium | |
| CN113938405B (en) | Data processing method and device | |
| CN113254148A (en) | Virtual machine migration method and cloud management platform | |
| JP7152665B2 (en) | Information processing device, information processing system, and setting program | |
| CN108600073B (en) | Dynamic tunnel establishment method and device | |
| George et al. | A Brief Overview of VXLAN EVPN | |
| CN114520752A (en) | VXLAN protocol control plane unloading method and device based on intelligent network card | |
| CN117579428A (en) | Method and device for interconnection and interworking of cloud network cross-technology stacks | |
| CN114553707B (en) | Method and device for generating topology information of network and delimiting network faults |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |